1697 matches found
Greg Matthews - Classifieds.cgi 1.0 MetaCharacter
Greg Matthews - Classifieds.cgi 1.0 MetaCharacter source: https://www.securityfocus.com/bid/2020/info Classifieds.cgi is a perl script part of the classifieds package by Greg Matthews which provides simple classified ads to web sites. Due to improper input validation it can be used to read files ...
IBM AIX 4.3 - infod Local Privilege Escalation
IBM AIX 4.3 - infod Local Privilege Escalation / source: https://www.securityfocus.com/bid/370/info Certain versions of AIX ship with an Information Daemon, infod. This program is designed to provide information about the OS and installed ancilliary programs. The daemon which runs as root, does n...
Digital UNIX 4.04.0 B4.0 D - SUIDSGID Core File
Digital UNIX 4.04.0 B4.0 D - SUIDSGID Core File source: https://www.securityfocus.com/bid/74/info Digital UNIX 4.0 will follow symlinks while writting core files if two setuid programs dump core in sucession. The core file is owned by root but with the user's groud id. The core file permissions a...
Solaris 2.4 - binfdformat Local Buffer Overflow
Solaris 2.4 - binfdformat Local Buffer Overflow --------------------------- lion24.c --------------------------------- / Solaris 2.4 / include include include include define BUFLENGTH 264 define EXTRA 36 define STACKOFFSET -56 define SPARCNOP 0xa61cc013 uchar sparcshellcode =...
SGI IRIX 5.3 - 'pkgadjust' Local Privilege Escalation
source: https://www.securityfocus.com/bid/419/info A vulnerability exists in the pkgadjust utility shipped with Irix 5.3 from Silicon Graphics. This vulnerability can result in the compromise of the root account. % cat getroot.c int main setuid0; chown"sh",0,0; chmod"sh",04755; return 0; % cc...
suid_perl 5.001 vulnerability
Exploit for linux platform in category local exploits ============================= suidperl 5.001 vulnerability ============================= !/usr/bin/suidperl -U $ENVPATH="/bin:/usr/bin"; $=0;$=0; exec"/bin/bash"; 0day.today 2018-04-09...
CVE-2020-24510
...
CVE-2025-52437
...
CVE-2018-4706
...
CVE-2020-35536
...
CVE-2018-4618
...
CVE-2012-3773
...
CVE-2013-5258
...
Security Update for SQL Server 2016 Service Pack 3 GDR (KB5068401)
Security issues have been identified in the SQL Server 2016 Service Pack 3 GDR that could allow an attacker to compromise your system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your...
Security Update For Exchange Server 2016 CU13 (KB4523171)
A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via Powershell. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the logged in user...
Security Update For Exchange Server 2013 CU23 (KB4581424)
A Microsoft Exchange information disclosure exists in how tokens are validated when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user...
Security Update for SQL Server 2014 Service Pack 3 GDR (KB4532095)
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests. An attacker who successfully exploited this vulnerability could execute code in the context of the Report Server service account. To exploit the vulnerability, an...